Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Om de ûnderfining foar jo te ferbetterjen is tydlik de funksjonaliteit dan dizze website troch ûnderhâldswurk beheind. Wannear in artikel jo probleem net oplost en jo in fraach stelle wolle, kin ús stipemienskip jo helpe yn @FirefoxSupport op Twitter en /r/firefox op Reddit.

Avatar for Username

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is sluten en argivearre. Stel in nije fraach as jo help nedich hawwe.

Encryption - email account with no key can access encrypted email?

  • 10 antwurd
  • 1 hat dit probleem
  • 1 werjefte
  • Lêste antwurd fan Matt

johnbarry29
johnbarry29
more options

I've set up 3 email accounts on Thunderbird on a single computer.

I've set up 2 of them with each other's keys to send and receive encrypted emails.

However, the third email account has no key at all but can still read encrypted emails by pressing the "Repair Message" button.

Thunderbird won't let you encrypt a message unless at least one of the recipients of an email has a key. However, if another recipient doesn't have a key, that recipient will still receive the encrypted message but can open it as explained above.

Have I done something wrong? I thought the receiver without the key should not be able to open the encrypted email. If they can open it, does that mean anyone at any hop along the path of the email can open it?

TIA John

I've set up 3 email accounts on Thunderbird on a single computer. I've set up 2 of them with each other's keys to send and receive encrypted emails. However, the third email account has no key at all but can still read encrypted emails by pressing the "Repair Message" button. Thunderbird won't let you encrypt a message unless at least one of the recipients of an email has a key. However, if another recipient doesn't have a key, that recipient will still receive the encrypted message but can open it as explained above. Have I done something wrong? I thought the receiver without the key should not be able to open the encrypted email. If they can open it, does that mean anyone at any hop along the path of the email can open it? TIA John

Alle antwurden (10)

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

Is this using s/mime or PGP and enigmail?

johnbarry29
johnbarry29 Fraacheigener
more options

Hi Matt,

I'm using PGP and enigmail.

johnbarry29
johnbarry29 Fraacheigener
more options

Well I assume it's using PGP and Enigmail. I downloaded the PGP package and added the Enigmail extension to Thunderbird.

johnbarry29
johnbarry29 Fraacheigener
more options

I think the problem was that I was trying to test it all on the same machine. When I tested an email to a different host they were not able to decrypt the message.

Thanks.

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

one instance of Thunderbird with three email accounts will certainly have access to the encryption keys for all accounts. They are not doled out per account.

johnbarry29
johnbarry29 Fraacheigener
more options

Yes, Thanks Matt!

r_avital
r_avital
more options

Matt said

one instance of Thunderbird with three email accounts will certainly have access to the encryption keys for all accounts. They are not doled out per account.

If this is true, it is a really, really faulty design.

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

r_avital said

Matt said
one instance of Thunderbird with three email accounts will certainly have access to the encryption keys for all accounts. They are not doled out per account.

If this is true, it is a really, really faulty design.

It is true and personally I see no fault in the design. You might, but really it is not relevant in the context of this question what you think is faulty.

r_avital
r_avital
more options

And here I was under the impression, apparently mistaken, that as long as the language is kept clean and courteous, criticism, including of the design of TB, was allowed and legitimate. Respectfully, what is relevant to you is not relevant to me. Whatever, me wrong you right have a nice day.

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

Locking this spam generating topic.